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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce'any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1)S Responsive to communication(s) filed on 1/14/2000 . 
2a)\3 This action is FINAL. 2b)H This action is non-final. 

3) 0 Since this application is in condition for allowance except for fomial matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-28 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) n Claim(s) is/are allowed, 

6) 13 Claim(s) 1-28 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10)0 The drawing(s) filed on is/are: a)n accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action orfomn PTO-152. 

Priority under 35 U.S.C. § 119 

12)n Acl^nowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or(f). 
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1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. , 
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application from the International Bureau (PCT Rule 17.2(a)). 
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DETAILED ACTION 

Response to Amendment 

1. Applicant's arguments with respect to claims 1-28 have been considered but 
are moot in view of the new ground(s) of rejection. 



Claim Rejections - 35 USC §112 

2. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out 
and distinctly claiming the subject matter which the appUcant regards as his 
invention. 

Claims 1-28 are rejected The meaning of every term used in any of the claims 
should be apparent from the descriptive portion of the specification with clear 
disclosure as to its import; and in mechanical cases, it should be identified in the 
descriptive portion of the specification by reference to the drawing, designating 
the part or parts therein to which the term applies. A term used in the claims may 
be given a special meaning in the description. No term may be given a meaning 
repugnant to the usual meaning of the term. See MPEP 608.01 (o). 
As per claims 1-28 the term "PKI" is stated in the claims along with unsigned 
documents. It is inherent in a PKI system that the certificate, or ticket is signed. 
It is part of the definition Newton's Telecom Dictionary "... .procedures for the 
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distribution of public keys via digital certificates signed by Certificate 
Authorities...." 

Claims 1-28 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject 
matter which applicant regards as the invention. 

Claims 1-28, are rejected because in a comprising claim, such as claims 1 and 13, 
it is not clear how the negative limitation of "not signed" effects the remaining 
portions of the claim. 

Claim Rejections - 35 USC §103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made to 
a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 

3. Claims 1, 2, 6, 7, 8, 13, 14, 18, 19, 20, 25, and 26 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Stallings "How to protect the 
company jewels" in view of Fischer US 5,475,826 

As per claims 1, 13, 25, and 26 Stallings teaches that a certificate authority issues 
a certificate, (Page 2 paragraph 3 lines 1-6). Stallings teaches an issued certificate 
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with a public key, long term identification information, and meta-data related to 
the certificate, where the certificate is not signed, (Page 2, paragraph 4, lines 1-2). 
Stallings teaches a period of validity, (Page 3, paragraph 1 line 4). 
Stallings does not teach a verifier with hashes. 

Fischer teaches a system that has a verifier that maintains hashes of files in a 
security database. Fischer teaches that when files are presented they are scanned 
and a new hash is computed to verify the file matches the hash stored in the 
database, (Col 12 line 63- Col 13 line 5). 

It would have been obvious to one of ordinary skill in the art to modify the 
certificate system of Stallings with the hash verifier of Fischer because the hash 
table verification would enhance the security of the system. 

As per claims 2 and 14, Stallings teaches that the certificate has a time period, 
(Validity) (Page 3, paragraph 1 line 4). 

As per claims 6, 7, 8, 18, 19, and 20 it is well known in the art to use the hashing 
algorithms of MD5, and SHAl, which are collusion free hash algorithms. 

Claims 3, 4 and 15, 16 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Stallings "How to protect the company jewels" in view of 
Fischer US 5,475,826 in view of Maruyama US 6,393,563 



Application/Control Number: 09/483,186 
Art Unit: 2134 



Page 5 



As per claims 3, and 15, the previous Stallings-Fischer combination teaches that 
the certificate may not need a time and date, (Page 3, paragraph 2, Hnes 1-2). 

As per claims 4 and 16, Stallirigs discloses a private key. Stallings does not 
disclose storing the private key on a smart card. 

Maruyama disclose a private key may be stored on a smartcard, (Col 1 line 20, 
53-56). 

It would be obvious to modify the Stallings private key with Maruyama' s smart 
card, because the smart card increases the security of key storage. 

Claims 5 and 17 are rejected under 35 U,S.C. 103(a) as being unpatentable 
over Stallings "How to protect the company jewels" in view of Fischer US 
5,475,826 in view of Kausik US 6,263,446. 

As per claims 5 and 17, the previous StalHngs-Fischer combination does not 
disclose a software wallet. 

Kausik discloses storing a private key in a software wallet, (Col 4 lines 1-6). 

It would be obvious to modify Stallings private key with Kausik' s software wallet 

because the wallet increases the security of key storage. 
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Claims 9, 21, 27, and 28 are rejected under 35 U.S.C 103(a) as being 
unpatentable over Stallings "How to protect the company jewels" in view of 
Fischer US 5,475,826 in view of Gasser US 5,224,163. 

As per claims 9, 21, 27, and 28 the previous S tailings-Fischer combination does 
not disclose that the certificate is revoked based on the validity of the long term 
information and public key. 

Gasser discloses that if the key of the certificate is compromised, it is revoked, 
(Col 7 lines 5-9). 

It would be obvious to one skilled in the art to modify Stallings certificate 
revocation with Gassers invalid key revocation, because a subject that used an 
invalid key would not be accepted. 

Claims 10, and 22, are rejected under 35 U*S.C. 103(a) as being unpatentable 
over Stallings "How to protect the company jewels" in view of Fischer US 
5,475,826 in view of Micali US 5,793,868 in view of Boyle 6,212,636. 

As per claims 10 and 22, the previous Stallings-Fischer combination does not 
disclose a revocation system involving hashes. MicaU discloses a certificate 
revocation system where the certificate authority takes a hash of the certificates to 
be revoked, (Col 3 lines 18-23). 

It would be obvious to one skilled in the art to modify Stallings revocation system 
with Micali' s hashes, because hash's take less memory to store, and are well 
known for authentication properties in the art. 
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Boyle discloses that upon being notified that a certificate is revoked, that any 
data related to the certificate is erased from memory, (Col 21 line 59- 67). 
It would be obvious to modify the Stallings-Fischer-Micali combination above 
with Boyle's method of deletion, because a subject would not want to accidentally 
use a revoked certificate. 

Claims 11, and 23 are rejected under 35 U.S.C, 103(a) as being unpatentable 
over Stallings "How to protect the company jewels'' in view of Fischer US 
5,475,826 in view of Micali US 5,793,868 in view of Perlman US 5,687,235 

As per claims 1 1 and 23, the previous Stallings-Fischer-Micali combination does 
not teach the certificate authority marking a certificate as being invalid in a 
database. 

Perlman teaches a certificate authority with a list of serial numbers of invalid 
certificates, and a CRL, (Col 6 lines 12-21). 

It would have been obvious to one of ordinary skill in the art to use the CRL 
system of Perlman with the previous Stallings-Fishcer-Macali combination 
because the CRL system improves the efficiency of an authentication exchange, 
(Perlman abstract). 
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Claims 12, and 24, are rejected under 35 U.S.C 103(a) as being unpatentable 
over Stallings "How to protect the company jewels" in view of Fischer US 
5,475,826 in view of Micali US 5,793,868 in view of Boyle 6,212,636 in view of 
Gasser US 5,224,163. 

As per claims 12 and 24, the previous Stallings-Fischer-Micali-Boyle 
combination does not disclose deleting the certificate from the database once it 
has been revoked. 

Gasser discloses a certificate authority (GNS) deletes the revoked certificate, 
(Col 7 lines 5-10). 

It would be obvious to one skilled in the art to modify the Stallings combination 
with Gasser' s deletion method because the certificates are no longer useful 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 

examiner should be directed to Christopher J. Brown whose telephone number is 

(571)272-3833. The examiner can normally be reached on 8:30-6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

supervisor, Gregory Morse can be reached on (571)272-3838. The fax phone 

number for the organization where this application or proceeding is assigned is 

571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR 
only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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